Single file decryption?

Hello,

today I made a stupid mistake and accidentally deleted my vault. It is syncing with my cloud account so the files got deleted there too, but I was able to restore them.
My only problem is, that the files are in the trash (in my cloud account) without the folder structure, the folder structure is still on my PC.
Basically I have all the encrypted files and empty folders on my PC now, is there some way I can restore my files?

I tried decrypting the files with the sanitizer tool from github (https://github.com/cryptomator/sanitizer) but I get ā€œUnsupported vault version 6ā€.

Hope someone can help me out here, thanks in advance.

Good news: yes file contents are recoverable.
Bad news: file names are lost, since they are cryptographically bound to the directory structure.

Will post a instruction later. Are on my mobile phone right now :wink:

Thats great news! :grinning: File names are not too important.

Thank you!

I added support for vault format 6 in the latest sanitizer version. You can use this command to decrypt all files inside a vault.

To do this, you need to prepare a directory to resemble a vault structure. While the directories may be lost, you can use arbitrary names, as long as they match the expected length (2 characters and 30 characters) and pattern (a-z2-8):

masterkey.cryptomator
d/AA/AAAAABBBBBCCCCCDDDDDEEEEEFFFFF/

Put all your files inside of AAAAABBBBBCCCCCDDDDDEEEEEFFFFF and start the vault decryption.

Thank you so much it worked! Had to play around with file extensions for a while cause they were lost too but I got my files back! Will make backups in the future.
Also thank you for updating the sanitizer!

Do you have a bitcoin address where I could send you a tip? Or should I just send it to the address on the cryptomator homepage? :slight_smile:

1 Like

The one on the homepage is fine :slight_smile: Thank you so much for your donation!

Hi there, a little bit ot but hopefully not too much. I was playing around with sanitizer after (finally) setting up my vault and keep getting this message when running the check command

Check failed: Vault version mismatch. Exepcted: 5 Actual: 6

Anything useful?
Thanks in advance.

PS: I donā€™t actually have any issue, but Iā€™m getting as deep as I can since there is quite some data on the line :slight_smile:

Have you tried the current version of Sanitizer? @overheadhunter just updated it a couple of days ago. Maybe youā€™ve downloaded Sanitizer before that. :smile:

Edit: My bad, I think weā€™ve missed something. Weā€™ll fix it asap!

1 Like

Iā€™ll check back if updated. Thank you so much for your work.

Oh, I guess @markuskreusch forgot to notify this topic. Sanitizer has been updated to 0.13. :grin:

Great, working well indeed. Since Iā€™m here Iā€™ve got a bunch of orphaned filed from the report. What does that mean exactly? Can I get rid of them, or force some kind of ā€˜resyncā€™ of the WebDAV device?
Thanks again .

At first, I though we could create a comprehensive list of detectable problems of Sanitizer. Basically, making of human-readable list of the integrity check. But thatā€™s quite a lot of effort. :see_no_evil:

What orphan message are you getting exactly? There are OrphanDirectory and OrphanMFile afaik. If my guess is right that you meant ā€œfilesā€, it should be OrphanMFile. In that case, this is indeed ā€œnormalā€ (thatā€™s why itā€™s just an INFO).

If you create a file or folder with a very long name, itā€™s getting shortened (see name shortening in security architecture). The folder m (stands for metadata) currently only contains shortened file/folder names. If you rename/move/delete a file/folder with a long name, the corresponding metadata file wonā€™t get deleted. Thatā€™s why some metadata files can get orphaned over time. If your vault is fully(!) synchronized, itā€™s safe to delete orphaned metadata files. You can actually use Sanitizer to do that by adding the --solve OrphanMFile parameter.

I canā€™t find the discussion anymore but there was a time when it was necessary not to delete metadata files. If Iā€™m not mistaken, due to some changes in the encryption scheme, we actually can safely delete metadata files now. Would have to discuss this with the others if thatā€™s an improvement that we could make in a future version. :grin:

It worked like a charm, and yes I was indeed talking about files, sorry about that. Donā€™t have enough words to tell you how much I do appreciate your work, Iā€™ve always been interested in encryption but only lately Iā€™ve actually started learning the basics behind it. Would love to dig further both from a mathematical and practical point of view.

1 Like

hi~

do you mean if I dont care about file name,
I can use sanitizer to simply decrypt just a single encrypted file?

And just do so as u say, just copy the masterkey.cryptomator,
make 1 single folder, put the file inside, and use sanitizer 's decryptVault funciton?

I will try later, thanks

Is there anyway we can get back?